Text Size

-

+

reset

Even if there are serious, widespread privacy concerns with the Cyber Intelligence Sharing and Protection Act, the proposal is virtually guaranteed to undergo a significant overhaul before it can become law.

The controversial measure by Reps. Mike Rogers (R-Mich.) and Dutch Ruppersberger (D-Md.) could clear the House as written, but if that’s the case it’s bound to face the same stiff Senate resistance that killed it in 2012. And without earnest revision, CISPA could just as easily trigger yet another veto threat from the Obama administration in 2013.

However, the leaders for the American Civil Liberties Union, the Competitive Enterprise Institute, the Center for Democracy and Technology, and scores of other opponents are still mounting an almost hyperbolic messaging offensive this week — a strategy they insist is necessary to set the parameters of the coming cybersecurity debate.

“When CISPA passed last year, there was a strong bipartisan opposition and civil liberties outcry. And it led to the bill being toxic,” said Michelle Richardson, legislative counsel for the ACLU. “So that is a worthy goal this time around, again.”

“Even if we can’t stop the bill from passing, getting so many members on record opposing it, and demonstrating to the Senate this sort of thing is unacceptable, still fits into the long-term plan,” Richardson said.

For his part, Rogers emphasized to POLITICO his coalition is strong: “If I had this much support last year, this bill would have been signed into law,” he said in an interview, referring to recent cyberattacks on U.S. media companies.

However, Rogers also acknowledged on a few occasions there may still be space for “improvements” to the bill.

First unveiled in the 112th Congress, CISPA is designed to help private companies and the federal government share data about emerging digital threats — a goal regulators and industry players both share. Indeed, the executive order signed by President Barack Obama in February also tries to facilitate a more robust exchange of cybersecurity information.

However, the House’s bill last year sharply divided the Capitol, where many members felt it was insufficient in its scope and privacy protections.

While CISPA survived a chamber vote, it succeeded only after Rogers and Ruppersberger secured widely demanded changes that limited the scope of the data collected and used by private companies and the government. Yet those revisions still proved insufficient, not only in quieting privacy criticisms but also in satisfying those in the Senate and White House who felt cybersecurity reform should go much further than just improved information-sharing.

The old fights have returned with CISPA’s reintroduction in 2013. Groups like the ACLU, CDT, the Electronic Frontier Foundation and others believe the bill, as passed last year, might leave consumers’ personal data in the hands of the federal government. They further fret CISPA’s designation that the secretive National Security Agency is to occupy pole position in any new information-sharing regime. And opponents fear the proposal’s vague definitions give companies broad legal immunity while protecting details about the program from public view.